Alternatives and similar repositories for blueprint-securesoftwarepipeline:

Users that are interested in blueprint-securesoftwarepipeline are comparing it to the libraries listed below

• OWASP / www-project-devsecops-maturity-model
  OWASP Foundation Web Respository
  ☆54Updated last year
• chughes757 / SecureSoftwareSupplyChain
  This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.
  ☆137Updated 2 years ago
• ScaleSec / fedrampup
  Gathers AWS inventory and outputs CSV in the format for FedRAMP SSP
  ☆36Updated 6 years ago
• rallyhealth / conftest-policy-packs
  Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.
  ☆58Updated last year
• jdyke / gcp-iam-analyzer
  Compares and analyzes GCP IAM roles.
  ☆77Updated 8 months ago
• google / localtoast
  ☆111Updated 3 weeks ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆170Updated 2 months ago
• chughes29 / DoD-Federal-Government-Cloud-Computing-Resources
  A collection of DoD and Federal Government Cloud Computing Resources
  ☆48Updated 3 years ago
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆81Updated last week
• cloud-native-security-controls / controls-catalog
  ☆16Updated 8 months ago
• openvex / vexctl
  A tool to create, transform and attest VEX metadata
  ☆126Updated this week
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆97Updated last year
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆413Updated 4 months ago
• orcasecurity / orca-toolbox
  ☆111Updated 2 weeks ago
• somethingnew2-0 / SimpleCSPM
  GCP CSPM using Google Sheets
  ☆34Updated 7 months ago
• openraven / magpie
  A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …
  ☆179Updated 5 months ago
• snyk-tech-services / snyk-scm-contributors-count
  Count distinct contributor of Snyk watched repos across several SCM
  ☆32Updated 7 months ago
• ossf / s2c2f
  The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…
  ☆195Updated 5 months ago
• ksoclabs / kube-goat
  A deliberately vulnerable Kubernetes cluster
  ☆120Updated last year
• octarinesec / kccss
  Kubernetes Common Configuration Scoring System
  ☆124Updated 2 years ago
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆70Updated last year
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated last year
• SeisoLLC / easy_infra
  A docker container to simplify and secure the use of Infrastructure as Code (IaC)
  ☆69Updated this week
• prancer-io / prancer-compliance-test
  This repository includes cloud security policies for IaC and live resources.
  ☆39Updated 7 months ago
• policy-hub / policy-hub-cli
  CLI for searching Rego policies
  ☆104Updated 2 years ago
• snyk-labs / snyk-cicd-integration-examples
  Examples of integrating the Snyk CLI into a CI/CD system
  ☆84Updated last month
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆59Updated last year
• snyk-labs / snyk-scm-refresh
  Keeps Snyk projects in sync with their associated Github repos
  ☆23Updated last year
• mitre / aws-foundations-cis-baseline
  InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark
  ☆78Updated 3 weeks ago
• dearauditor / dearauditor.github.io
  devops and audit, together forever
  ☆31Updated 6 years ago